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CLAIM AMENDMENTS 

This listing of claims will replace all prior versions and listings of claims in the application. 
Listing of Claims 

1 . (Currently Amended) A method of authenticating an e nd - us e r cli e n t end-user clients 
requiring access to services available in a computer-based communication system^ comprising 
the steps of: 

a) at an authentication scrv^cr connected in said communication system, defininu a list of 

authentication modules available in said communication system, and mapping said 
authentication modules to authenticating domain identifiers associated to end-user clients of said 
autlienti cation server: 

^a)b} sending, by tfeean end-user client, an auth e nticatin g a respective authentication 

domain identifier to a nsaid authentication server; 

^b)c) creating, by the authentication server and depending on the authentication domain 

identifier, an authentication stac k specific to said end-user client, said stack comprising one or 
more stack entries , each mapped to a respective authentication module : 

^e)d} rendering, for each stack entry and depending thereon, an authentication service 

provided at said respective authentication module to produce an authentication result for that 
entry; and 

^d)e} consolidating authentication results to obtain an authentication status for the end- 
user client. 
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2. (Currently Amended) The method as defined in claim 1 wherein the authentication 
domain identifier identifies an application service ID. 

3. (Canceled) 

4. (Original) The method as defined in claim 1 wherein the authentication service includes 
local and remote services. 

5. (Original) The method as defined in claim 4 wherein the local and remote services 
include but are not limited to biometric schemes, cryptographic hardware services, smart cards 
and USB tokens. 

6. (Currently Amended) The method as defined in claim 1 fi:irther comprising, sending a 
unique session identifier to the end-user client wh e r e in responsive to an authentication status 
corresponding to a successfixl authenticatio n, a unique session ID is sent to the end -user client . 

7. (Original) A system for authenticating an end-user client in a computer-based 
communication system comprising: 

means, at the end-user client, for sending an authenticating domain identifier to an 
authentication server; 

means, at the authentication server and depending on the authentication domain 
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identifier, for creating an authentication stack comprising one or more stack entries; 

means for rendering, for each stack entry and depending thereon, an authentication 
service to produce an authentication result for that entry; and 

means for consolidating authentication results to obtain an authentication status for the 
end-user client. 

8. (Original) The system as defined in claim 7 wherein the authentication identifies an 
application ID 

9. (Original) The system as defined in claim 8 wherein the authentication server, dependent 
on the application ID, retrieves a configuration specifying how to create the authentication stack. 

10. (Original) The system as defined in claim 7 wherein the authentication service includes 
local and remote services. 

1 1 . (Original) The system as defined in claim 7 wherein the local and remote services 
include biometric schemes, cryptographic hardware services, smart cards and USB tokens. 

12. (Original) The system as defined in claim 7 wherein responsive to an authentication 
status corresponding to a successful authentication, a unique session ID is sent to the end-user 
client. 
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